Classroom Public page

Lab 5-1: DHCP Handshake

341 words

Course: NET-101, Week 5 Time: ~45 minutes (paired with lab-5-2-dns.md for one 90-minute session) Tools: Academy pcap-tools workbench at /pcap-tools/ Captures: fundamentals-dhcp-handshake.pcap, dhcp-handshake.pcap

Part 1: Trace the DORA exchange in the fundamentals capture (~25 minutes)

Load fundamentals-dhcp-handshake.pcap in pcap-tools. This capture contains the complete DHCP four-step handshake: DISCOVER, OFFER, REQUEST, ACK.

Apply the display filter dhcp to see only DHCP packets.

For each of the four packets, record:

Step DHCP message type Source IP Dest IP Source port Dest port
DISCOVER
OFFER
REQUEST
ACK

Questions:

  1. Why does the DISCOVER use 0.0.0.0 as the source IP? (Hint: what does the client have at this point in the process?)
  2. Why does the DISCOVER use 255.255.255.255 as the destination IP?
  3. What IP address does the OFFER assign to the client? Look in the DHCP option "Your (client) IP address" field.
  4. What is the lease time in the ACK packet? (Look for the DHCP option "IP Address Lease Time.") Express it in human-readable units.
  5. The DISCOVER and REQUEST are both broadcasts. Why is the REQUEST also a broadcast, even though the client already has an OFFER from one specific server?

Expand the DHCP options in one packet:

Click the OFFER packet. Expand "Dynamic Host Configuration Protocol (offer)" and then expand "Options."

  1. List at least 4 DHCP options present in the OFFER. For each: option number, option name, and value.

Part 2: Compare to the upstream-mirrored capture (~15 minutes)

Load dhcp-handshake.pcap (the Wireshark wiki sample, mirrored in the academy catalog).

Apply dhcp filter.

  1. How many DHCP packets are in this capture? Is it also a DORA sequence?
  2. Compare the DHCP options in this capture to the fundamentals version. Are any options different? Are any present in one but not the other?
  3. What IP address is being offered in this capture?

Artifact

Create lab-5-1.md in your net-101/ Git repo with:

  • The DORA table (both captures)
  • Answers to all questions
  • The list of DHCP options from the OFFER packet

Commit with a meaningful commit message. (This lab combines with lab-5-2 into one commit is fine.)